The reason was that I was logged in to WP.
Looking for a reason here: WooCommerce REST API Authentication fails when logged in
I am trying to connect to Woocommerce REST API using Ajax (to read product data)
The following URL ...
https://example.com/wp-json/wc/v1/products/1744?consumer_key=ck_xxx&consumer_secret=cs_xxx
... gives me this error:
{"code":"woocommerce_rest_cannot_view","message":"Sorry, you cannot view this resource.","data":{"status":401}}
I also tried the same using CURL like:
curl https://example.com/wp-json/wc/v1/products/1744 \
-u ck_xxx:cs_xxx
And got the same error.
What could be wrong here?
The key is read only.
I am quite sure the error means that everything is ok but there's an issue with authentication.
Entering exactly the same information into Advanced REST Client Chrome extension gives me exactly what I am looking for. Why is it not working with CURL or Ajax?
Even just pasting the URL at http://onlinecurl.com/ gets me 200 OK
EDIT: Got the CURL working like this:
curl -XGET 'https://example.com/wp-json/wc/v1/products/30552?consumer_key=ck_xxx&consumer_secret=xxx'
Related
I'm following the steps in go quickstart gmail api.
On the function getTokenFromWeb, pasting either the long url
https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=abcdefg.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.readonly&state=state-token
or
http://localhost:8000
results in
This site can't be reached. localhost refused to connect. ERR_CONNECTION_REFUSED
Following the same quickstart but for python works flawlessly.
If I get the token via python and use it in Go quickstart, it also works. So the issue is just on the token from web retrieval.
The issue you are having is related to the removal of oob. When that sample was originally created oob still worked. So it would display a nice web page for you where you could copy the authorization code.
That no longer works so we are forced to use http://127.0.0.1 or localhost. As your machine apparently does not have a web server running its displaying to you a 404 error.
However if you look in the URL bar you will find the authorization code you need in order to authorize your application.
The solution is to simply copy the code from the url bar. If you want to fix the 404 your going to have to figure out how to start a web server in order to host the http://127.0.0.1 from.
The python sample does this by running a local server
creds = flow.run_local_server(port=0)
Php can do it using something like this
php -S localhost:8000 -t examples/
Im not sure how that can be done with Go though.
I'm trying to test my backend service which takes a Google reCAPTCHA token and verifies it before proceeding with the request, but each time I want to curl my backend service's endpoint I have to go to the site that is hosting the captcha checkbox, open the network tab in Chrome, click the button, and then manually copy the token from the response into my curl request. Is there a better/easier way to do this? I was hoping that the admin console might have something to help but I don't see anything in there.
In JavaScript you can get reCAPTCHA response by following
let grecaptchaResponse = grecaptcha.getResponse();
I try to download several files from OneDrive through Microsoft Graph.
I am very close to achieve my goal. For the moment I have managed the token system (notably through Jay Lee detailed answer), and achieved to resolve the confusion that I made among the different endpoints that exist in Microsoft Graph (thank you Marc LaFleur - MSFT).
Now I really work on the call of the API that would permit to download the files I want. This is how I proceeded:
1- As I've seen in the Microsoft Graph Documentation, the normal syntax would be the following:
curl -w %{time_total} https://graph.microsoft.com/v1.0/me/drive/items/01M...WU/content -H "Authorization: Bearer $access_token"
2- However, this gives me a 302 request, which I can't handle in bash. So I looked for another solution and I found this Microsoft article explaining that:
"To download files from OneDrive in a JavaScript app you cannot use the /content API, since this responds with a 302 redirect. A 302 redirect is explicitly prohibited when a CORS preflight is required, such as when providing the Authorization header.
Instead, your app needs to select the #microsoft.graph.downloadUrl property, which returns the same URL that /content would have redirected to. This URL can then be requested directly using XMLHttpRequest. Because these URLs are pre-authenticated they can be retrieved without a CORS preflight request."
It talks about Javascript but I think it can be applied to my case.
3- So I tried this method and I wrote:
curl "https://graph.microsoft.com/v1.0/me/drive/items/01MB...WU?select=id,#microsoft.graph.downloadUrl" -H "Authorization: Bearer $access_token"
It gave me the URL that normally would permit me to finally download the file, but when I execute it, I get the following response:
Code:
curl "https://graph.microsoft.com/v1.0/$metadata#users('e967dd4d-680e-4a06-9bf7-468875e1a04c')/drive/items/$entity" -H "Authorization: Bearer $access_token" (it is exactly what I got with the previous request)
Response:
Any help? Why is it a bad request since I've put exactly what I got from the graph.microsoft.com request?
https://graph.microsoft.com/v1.0/$metadata#users('e967dd4d-680e-4a06-9bf7-468875e1a04c')/drive/items/$entity is the #odata.context annotation, which is not what you're after. You need to pull the URL out of the #microsoft.graph.downloadUrl annotation and use that to grab the file contents. The URL you're after should mention download.aspx in it.
I am newbie Parse and I have a problem. I want to use parse classes for dynamic content such as blog posts. Everyting works as expected there is no problem ; but when I try to fetch as google in Google Webmaster Tools it says AJAX blocked. So google will not index this content anyway.
when I follow the link I saw this below.
this is what I see when follow class link
So google crawler try to get ajax content but it comes to it with a ConnectionFailed aka 100 error. (I tested it to show in a label on page what returns in parse query error callback. So I see what renders google)
Am I doing something wrong is this an expected behaviour ?
Anyone knows how to solve this ?
Btw: I am hosting this website on heroku with custom domain over https (with cloudflare dns redirected and free ssl)
I also deployed to Parse Cloud Hosting unfortunately the result is same :(
This is the full result of the Fetch as Google :
full page result of fetch as google
The page at https://api.parse.com/1/classes/GameScore is asking for authentication, and it's throwing a 401 Unauthorized status code for unauthorised requests. That's already a problem.
Besides that, the page at https://api.parse.com/robots.txt is currently showing
User-Agent: *
Disallow: /
Googlebot can't access that page because it's disallowed for crawling in the first place, but even if it could access it, it would run into an authentication gate which it wouldn't be able to pass.
If the content from that URL (https://api.parse.com/1/classes/GameScore) is essential for the page where its referenced/used, you would have to work with Parse to allow crawlers access those URLs.
If it's not essential, then you can safely ignore that warning.
I am using google place api for places sugestions.
https://maps.googleapis.com/maps/api/place/textsearch/json?query=ari&sensor=false&key=your_api_key
I have valid api key and this URL is working fine when I am executing it from the browser.
The api return "OK" as status and places suggestion but when I am executing the same URL by cUrl or file_get_contents It returns "REQUEST_DENIED" as status and hence no place suggestions.
why this is behaving like this.
Is there any setting which I am missing.
Any suggestion would be a great help.
Thanks
Did you ever get your answer to this? As far as I am aware this is die to "cross-site-scripting" security limits. You can't go from the Places API directly to Google even though you can in a browsers address bar. You have to make the call back to your sever and have the server send the call to Google - then return those results back to your page/ web site.